Privacy Notices

Privacy Policy

Purpose

We would like to inform you about the personal data we process when you use our services and the operations described below.

Personal data (hereinafter "data") is all data that can be personally attributed to you, e.g., your name, email address, and usage of our services.

Data Controller

The controller under the GDPR is: Kieler Str. 33C, 24768 Rendsburg, support@masdev.de.

You can contact our Data Protection Officer via email at support@masdev.de or by post to our address with the note "Data Protection Officer".

Browser Data

When you visit our website, our web server automatically collects the following data sent by your browser:

  • IP address of your device
  • Date and time of the request
  • Content of the request (specific page)
  • Access status and amount of data transferred
  • Browser product and version information
  • Operating system of your device
  • Website from which access to our website occurred

These data are technically necessary for us to display our website and to ensure the stability and security of our website. The recipient in this context is our server host.

Your device's IP address is stored only for the duration of your use of the website and is then deleted immediately or anonymized by truncation.

The legal basis is Art. 6(1) lit. f GDPR, based on our legitimate interests for the purposes mentioned above.

Functional Cookies

We use cookies to make your use of our website more convenient.

Cookies are small text files sent from our web server to your browser during your visit and stored on your device for later retrieval. They allow recognition of your browser.

We use cookies to make your preferences available, to automatically fill in your personal data during future interactions, or to ensure authorization.

Session cookies are deleted automatically when you close the browser. Other cookies are deleted automatically after a specified period, depending on the cookie. The exact retention time can be found in your browser settings.

You can configure your browser to accept or reject cookies, including third-party cookies. Please note that rejecting cookies may prevent you from using all functions of this website.

You can delete cookies at any time in your browser's security settings.

The legal basis is Art. 6(1) lit. f GDPR, based on our legitimate interests mentioned above.

Your Inquiry

We provide various contact options, such as our address, email, phone number, chat systems, online appointment scheduling, social media presence, and contact form.

When you contact us, we use the data you provide, such as your email address, name, and the content of your inquiry, to process your request.

In communication, we may also use Messenger. You are entitled to use any of our other communication channels at any time. If the Messenger uses end-to-end encryption, the provider cannot access message content.

However, the Messenger provider may access metadata, such as the fact that communication occurred and which device was used. These data are processed by the Messenger provider according to its privacy policy.

We delete such data once storage is no longer required, or restrict processing if legal retention obligations exist.

The legal basis is Art. 6(1) lit. b GDPR.

Customer Area Invitation

To improve collaboration, we may invite you to our customer area via email. By clicking the link, you can view order information and add additional details.

We delete your data after statutory civil retention periods expire.

We provide AI services in the customer area that you can use to further improve collaboration. Please note that data may be transmitted to the service during the use of these AI services.

AI Services

Even if our AI services are hosted on our own servers, data processing is performed by the AI services to provide the requested functions.

Deepseek (self-hosted) – Website: deepseek.de | Privacy Notices: Privacy Policy ChatGPT (API) – Website: openai.com | Privacy Notices: Privacy Policy

The legal basis is Art. 6(1) lit. b GDPR.

Business Relationship

To establish or execute a contract for the services offered by us or you, we need personal data.

During contract negotiation or execution, you must provide the personal data necessary for the establishment, execution, and termination of the contract, as well as fulfilling related contractual obligations.

We process your data to execute the contract and comply with legal requirements, which may include sharing data with subcontractors, payment providers, or authorities.

According to commercial and tax regulations, contract data is stored for eight years. After two years, processing is restricted so that data is only used to comply with legal obligations.

The legal basis is Art. 6(1) lit. b GDPR.

Web Conferences

Web conferences include online meetings, video conferences, screen sharing, or webinars. Providers are used to carry them out.

Registration and communication data generated during the conference are processed.

The provider may process usage and metadata for service optimization. Purpose, scope, and your rights are described in the respective provider's privacy policy.

BigBlueButton – Website: bigbluebutton.org | Privacy Notices: Privacy Policy

If we request your consent, the legal basis is Art. 6(1) lit. a GDPR; otherwise, it is lit. b.

App Data Processing

Installation and In-App Purchases

When downloading the app, required information is transmitted to the app store you selected (e.g., Google Play or Apple App Store), including username, email, account number, download time, payment information, and device identifier.

Processing is performed solely by the app store and is outside our control.

Usage Data

During your app usage, certain required data is collected automatically, such as internal device ID, OS version, and access time.

This data is transmitted to us automatically but not stored. It is used solely to provide the service, improve performance, and prevent misuse.

For certain app features, you may need to provide personal data.

Data is stored on our servers, allowing access from different devices.

We delete data once it is no longer required or restrict processing if legal retention obligations exist.

The legal basis is Art. 6(1) lit. b or f GDPR, based on our legitimate interests.

Permissions

Some app functions may require device access permissions, displayed before download.

Upon first use, consent for required functions is requested. Permissions can typically be revoked in device settings, depending on the OS.

Permissions may include:

  • Internet – required to establish a connection and store inputs on our servers
  • Push notifications – to display information and offers on your device
  • Microphone – to record audio, e.g., for video or voice input
  • Camera – to take photos and videos, scan information, or use Face-ID

The legal basis is Art. 6(1) lit. a or b GDPR.

Third-Party Services

We use third-party services to optimize our offerings. When accessing a service containing a third-party component, a direct connection to the third-party servers may occur.

The third party receives information that you or your IP visited the relevant page. If logged in, the visit may be linked to your account.

Interactions, such as button clicks, are transmitted directly to the third party. To avoid this, log out before visiting the service.

Recognition methods such as cookies or fingerprinting may be used. If required, we provide tools to control these methods.

Purpose, scope, and settings are described in the respective third-party privacy notices.

Embedded Services

We embed third-party services to make the website more informative and functional.

Currently, we do not embed any external third-party services on our website.

Analytics Services

We use analytics services to statistically evaluate user behavior and improve our offerings.

Currently, we do not use any analytics tools on our website.

Advertising Services

We use advertising and performance measurement services to display relevant ads and measure effectiveness. User behavior may be analyzed across our site or others.

We do not collect or process data ourselves but receive statistical evaluations from the advertising service.

Currently, we do not use any specific advertising services.

Push Notification Services (App)

We can send information and offers via push notifications if allowed in settings. Your device is registered with the respective push service.

A key is generated from the app ID and your device identifier and stored on our push platform.

Tokens may be used to authorize push notifications for specific devices. The service acts only as a transmitter.

We use providers such as:

Firebase Cloud Messaging – Website | Privacy Notices Apple Push Notification – Website | Privacy Notices

If we request consent, the legal basis is Art. 6(1) lit. a GDPR; otherwise, lit. f.

Service Providers

If we use service providers who process data on our behalf under Art. 28 GDPR, we have a corresponding contract with them.

If providers are located outside the EU or EEA, processing occurs only with adequate data protection or suitable guarantees, e.g., EU standard contractual clauses.

Further information is available on request.

Your Rights

You have the following rights regarding your data:

  • Right of access
  • Right to rectification or deletion
  • Right to restrict processing
  • Right to object to processing
  • Right to data portability
  • Right to lodge a complaint with a data protection authority

If you have given consent for data processing, you may withdraw it at any time with future effect.

You may object to direct marketing at any time. In specific situations, you can also object to processing based on Art. 6(1) lit. f GDPR.